Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2649

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2004-2649
Last Modified 10 Sep 2008 03:34:19
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2649

Summary

Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in the status bar by inserting a large number of characters (e.g. spaces coded as " ") in the middle of the URL.

Vulnerable Systems

Application

  • Eudora 6.1.0.6


References

XF - eudora-url-spoofing(16105)

OSVDB - 6009

CONFIRM - http://www.eudora.com/download/eudora/windows/6.1.2/RelNotes.txt

BID - 10305

SECTRACK - 1010117

SECUNIA - 11581

BUGTRAQ - 20040508 Status bar exploit hides spoofed URLs Eudora, possibly other e-mail clients


Last Updated: 27 May 2016 10:39:34